[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-45143":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":58,"related":59,"reserved_at":9,"published_at":64,"modified_at":65,"state":66,"summary":67,"references_raw":76,"kevs":117,"epss":118,"epss_history":121,"metrics":380,"affected":388},"CVE-2022-45143","The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-116","Improper Encoding or Escaping of Output","The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.","weakness","Draft","Class","High",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-104","Cross Zone Scripting",[],{"id":25,"name":26,"techniques":27},"CAPEC-73","User-Controlled Filename",[],{"id":29,"name":30,"techniques":31},"CAPEC-81","Web Server Logs Tampering",[],{"id":33,"name":34,"techniques":35},"CAPEC-85","AJAX Footprinting",[],[],[38,39],"GHSA-rq2w-37h9-vg94","BIT-tomcat-2022-45143",[],[42,44,46,48,50,52,54,56],{"_key":43},"SUSE-SU-2023:1853-1",{"_key":45},"OPENSUSE-SU-2024:12847-1",{"_key":47},"OPENSUSE-SU-2024:13441-1",{"_key":49},"DSA-5381-1",{"_key":51},"RHSA-2023:1663",{"_key":53},"MGASA-2023-0138",{"_key":55},"DEBIAN-CVE-2022-45143",{"_key":57},"UBUNTU-CVE-2022-45143",[],[60,61,62,63],{"_key":43},{"_key":45},{"_key":47},{"_key":53},"2023-01-03T18:12:28.351Z","2024-08-03T14:09:56.475Z","Modified",{"cisa_kev":68,"cisa_ransomware":68,"cisa_vendor":9,"epss_severity":69,"epss_score":70,"severity":71,"severity_score":72,"severity_version":73,"severity_source":74,"severity_vector":75,"severity_status":66},false,"low",0.00889,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",[77,86,91,95,100,104,108,112],{"url":78,"sources":79,"tags":82},"https://lists.apache.org/thread/yqkd183xrw3wqvnpcg3osbcryq85fkzj",[80,74,81],"cve.org","osv_maven",[83,84,85],"Vendor Advisory","Mailing List","WEB",{"url":87,"sources":88,"tags":89},"https://security.gentoo.org/glsa/202305-37",[80,74,81],[90,85],"Third Party Advisory",{"url":92,"sources":93,"tags":94},"https://security.netapp.com/advisory/ntap-20230216-0009/",[80,74],[],{"url":96,"sources":97,"tags":98},"https://nvd.nist.gov/vuln/detail/CVE-2022-45143",[81],[99],"Advisory",{"url":101,"sources":102,"tags":103},"https://github.com/apache/tomcat/commit/0cab3a56bd89f70e7481bb0d68395dc7e130dbbf",[81],[85],{"url":105,"sources":106,"tags":107},"https://github.com/apache/tomcat/commit/6a0ac6a438cbbb66b6e9c5223842f53bf0cb50aa",[81],[85],{"url":109,"sources":110,"tags":111},"https://github.com/apache/tomcat/commit/b336f4e58893ea35114f1e4a415657f723b1298e",[81],[85],{"url":113,"sources":114,"tags":115},"https://github.com/apache/tomcat",[81],[116],"PACKAGE",[],{"date":119,"score":70,"percentile":120},"2026-06-04",0.7589,[122,126,129,132,135,138,141,144,147,150,153,156,158,161,164,168,171,174,177,180,182,185,188,191,193,196,199,202,205,208,211,213,215,217,220,223,226,229,232,235,238,241,244,247,250,253,256,258,261,264,267,269,272,274,277,279,281,284,287,290,293,297,300,303,306,309,312,315,318,321,324,326,328,331,334,337,340,343,346,350,353,356,359,362,365,367,369,372,374,377],{"date":123,"score":124,"percentile":125},"2025-11-04",0.00728,0.71857,{"date":127,"score":124,"percentile":128},"2025-11-05",0.71841,{"date":130,"score":124,"percentile":131},"2025-11-06",0.71838,{"date":133,"score":124,"percentile":134},"2025-11-07",0.71852,{"date":136,"score":124,"percentile":137},"2025-11-08",0.7185,{"date":139,"score":124,"percentile":140},"2025-11-09",0.71843,{"date":142,"score":124,"percentile":143},"2025-11-10",0.71832,{"date":145,"score":124,"percentile":146},"2025-11-11",0.71839,{"date":148,"score":124,"percentile":149},"2025-11-12",0.71858,{"date":151,"score":124,"percentile":152},"2025-11-13",0.71865,{"date":154,"score":124,"percentile":155},"2025-11-14",0.71872,{"date":157,"score":124,"percentile":155},"2025-11-15",{"date":159,"score":124,"percentile":160},"2025-11-16",0.7187,{"date":162,"score":124,"percentile":163},"2025-11-17",0.71862,{"date":165,"score":166,"percentile":167},"2025-11-18",0.06435,0.90115,{"date":169,"score":166,"percentile":170},"2025-11-19",0.9012,{"date":172,"score":166,"percentile":173},"2025-11-20",0.90123,{"date":175,"score":124,"percentile":176},"2025-11-21",0.71889,{"date":178,"score":124,"percentile":179},"2025-11-22",0.71883,{"date":181,"score":124,"percentile":152},"2025-11-23",{"date":183,"score":124,"percentile":184},"2025-11-24",0.71856,{"date":186,"score":124,"percentile":187},"2025-11-25",0.71859,{"date":189,"score":124,"percentile":190},"2025-11-26",0.71864,{"date":192,"score":124,"percentile":152},"2025-11-27",{"date":194,"score":124,"percentile":195},"2025-11-28",0.71853,{"date":197,"score":124,"percentile":198},"2025-11-29",0.71845,{"date":200,"score":124,"percentile":201},"2025-11-30",0.7184,{"date":203,"score":124,"percentile":204},"2025-12-01",0.71972,{"date":206,"score":124,"percentile":207},"2025-12-02",0.71985,{"date":209,"score":124,"percentile":210},"2025-12-03",0.71983,{"date":212,"score":124,"percentile":198},"2025-12-04",{"date":214,"score":124,"percentile":184},"2025-12-05",{"date":216,"score":124,"percentile":125},"2025-12-06",{"date":218,"score":124,"percentile":219},"2025-12-07",0.71863,{"date":221,"score":124,"percentile":222},"2025-12-08",0.71867,{"date":224,"score":124,"percentile":225},"2025-12-09",0.719,{"date":227,"score":124,"percentile":228},"2025-12-10",0.71937,{"date":230,"score":124,"percentile":231},"2025-12-11",0.71957,{"date":233,"score":124,"percentile":234},"2025-12-12",0.71981,{"date":236,"score":124,"percentile":237},"2025-12-13",0.71988,{"date":239,"score":124,"percentile":240},"2025-12-14",0.7199,{"date":242,"score":124,"percentile":243},"2025-12-15",0.71989,{"date":245,"score":124,"percentile":246},"2025-12-16",0.71997,{"date":248,"score":124,"percentile":249},"2025-12-17",0.72011,{"date":251,"score":124,"percentile":252},"2025-12-18",0.7203,{"date":254,"score":124,"percentile":255},"2025-12-19",0.72046,{"date":257,"score":124,"percentile":255},"2025-12-20",{"date":259,"score":124,"percentile":260},"2025-12-21",0.7204,{"date":262,"score":124,"percentile":263},"2025-12-22",0.72038,{"date":265,"score":124,"percentile":266},"2025-12-23",0.72034,{"date":268,"score":124,"percentile":263},"2025-12-24",{"date":270,"score":124,"percentile":271},"2025-12-25",0.72064,{"date":273,"score":124,"percentile":271},"2025-12-26",{"date":275,"score":124,"percentile":276},"2025-12-27",0.72106,{"date":278,"score":124,"percentile":263},"2025-12-28",{"date":280,"score":124,"percentile":266},"2025-12-29",{"date":282,"score":124,"percentile":283},"2025-12-30",0.72049,{"date":285,"score":124,"percentile":286},"2025-12-31",0.7207,{"date":288,"score":124,"percentile":289},"2026-01-01",0.72218,{"date":291,"score":124,"percentile":292},"2026-01-02",0.72213,{"date":294,"score":295,"percentile":296},"2026-01-03",0.0095,0.75967,{"date":298,"score":295,"percentile":299},"2026-01-04",0.75827,{"date":301,"score":295,"percentile":302},"2026-01-05",0.75818,{"date":304,"score":295,"percentile":305},"2026-01-06",0.7583,{"date":307,"score":295,"percentile":308},"2026-01-07",0.75841,{"date":310,"score":295,"percentile":311},"2026-01-08",0.75853,{"date":313,"score":295,"percentile":314},"2026-01-09",0.7586,{"date":316,"score":295,"percentile":317},"2026-01-10",0.75861,{"date":319,"score":295,"percentile":320},"2026-01-11",0.75845,{"date":322,"score":295,"percentile":323},"2026-01-12",0.75832,{"date":325,"score":295,"percentile":323},"2026-01-13",{"date":327,"score":295,"percentile":314},"2026-01-14",{"date":329,"score":295,"percentile":330},"2026-01-15",0.75867,{"date":332,"score":295,"percentile":333},"2026-01-16",0.75879,{"date":335,"score":295,"percentile":336},"2026-01-17",0.7588,{"date":338,"score":295,"percentile":339},"2026-01-18",0.75874,{"date":341,"score":295,"percentile":342},"2026-01-19",0.7587,{"date":344,"score":295,"percentile":345},"2026-01-20",0.75872,{"date":347,"score":348,"percentile":349},"2026-01-21",0.01102,0.77598,{"date":351,"score":348,"percentile":352},"2026-01-22",0.77605,{"date":354,"score":348,"percentile":355},"2026-01-23",0.77633,{"date":357,"score":348,"percentile":358},"2026-01-24",0.77645,{"date":360,"score":348,"percentile":361},"2026-01-25",0.77636,{"date":363,"score":348,"percentile":364},"2026-01-26",0.77632,{"date":366,"score":348,"percentile":364},"2026-01-27",{"date":368,"score":348,"percentile":361},"2026-01-28",{"date":370,"score":348,"percentile":371},"2026-01-29",0.77631,{"date":373,"score":348,"percentile":361},"2026-01-30",{"date":375,"score":348,"percentile":376},"2026-01-31",0.77635,{"date":378,"score":348,"percentile":379},"2026-02-01",0.77755,[381,386],{"source":74,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":382,"cvss_v4_0":9},{"baseScore":72,"baseSeverity":383,"vectorString":75,"impactScore":384,"exploitabilityScore":385},"HIGH",6,10,{"source":81,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":387,"cvss_v4_0":9},{"baseScore":72,"baseSeverity":9,"vectorString":75,"impactScore":384,"exploitabilityScore":385},[389,407,451,463,472],{"ecosystem":9,"name":390,"vendor":391,"product":392,"cpe_part":393,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":394},"Apache Tomcat","apache software foundation","apache tomcat","a",[395,401,405],{"version":396,"is_range":397,"range_type":80,"version_start":398,"version_start_type":399,"version_end":400,"version_end_type":399,"fixed_in":9},">= 10.1.0-M1, \u003C= 10.1.1",true,"10.1.0-M1","including","10.1.1",{"version":402,"is_range":397,"range_type":80,"version_start":403,"version_start_type":399,"version_end":404,"version_end_type":399,"fixed_in":9},">= 9.0.40, \u003C= 9.0.68","9.0.40","9.0.68",{"version":406,"is_range":68,"range_type":80,"version_start":406,"version_start_type":399,"version_end":406,"version_end_type":399,"fixed_in":9},"8.5.83",{"ecosystem":9,"name":408,"vendor":9,"product":408,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"Tomcat",[410,415,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450],{"version":411,"is_range":397,"range_type":412,"version_start":403,"version_start_type":399,"version_end":413,"version_end_type":414,"fixed_in":9},"gte9.0.40_lt9.0.69","cpe","9.0.69","excluding",{"version":406,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":417,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone1",{"version":419,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone10",{"version":421,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone11",{"version":423,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone12",{"version":425,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone13",{"version":427,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone14",{"version":429,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone15",{"version":431,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone16",{"version":433,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone17",{"version":435,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone2",{"version":437,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone3",{"version":439,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone4",{"version":441,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone5",{"version":443,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone6",{"version":445,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone7",{"version":447,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone8",{"version":449,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone9",{"version":400,"is_range":68,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":452,"name":453,"vendor":454,"product":455,"cpe_part":9,"purl_type":456,"purl_namespace":454,"purl_name":455,"source":9,"versions":457},"Maven","org.apache.tomcat:tomcat-catalina","org.apache.tomcat","tomcat-catalina","maven",[458],{"version":459,"is_range":397,"range_type":460,"version_start":461,"version_start_type":399,"version_end":462,"version_end_type":414,"fixed_in":9},"gte10_1_0_lt10_1_2","ecosystem","10.1.0","10.1.2",{"ecosystem":452,"name":464,"vendor":454,"product":465,"cpe_part":9,"purl_type":456,"purl_namespace":454,"purl_name":465,"source":9,"versions":466},"org.apache.tomcat:tomcat-util","tomcat-util",[467,470],{"version":468,"is_range":397,"range_type":460,"version_start":406,"version_start_type":399,"version_end":469,"version_end_type":414,"fixed_in":9},"gte8_5_83_lt8_5_84","8.5.84",{"version":471,"is_range":397,"range_type":460,"version_start":403,"version_start_type":399,"version_end":413,"version_end_type":414,"fixed_in":9},"gte9_0_40_lt9_0_69",{"ecosystem":452,"name":473,"vendor":474,"product":475,"cpe_part":9,"purl_type":456,"purl_namespace":474,"purl_name":475,"source":9,"versions":476},"org.apache.tomcat.embed:tomcat-embed-core","org.apache.tomcat.embed","tomcat-embed-core",[477,478,479],{"version":468,"is_range":397,"range_type":460,"version_start":406,"version_start_type":399,"version_end":469,"version_end_type":414,"fixed_in":9},{"version":471,"is_range":397,"range_type":460,"version_start":403,"version_start_type":399,"version_end":413,"version_end_type":414,"fixed_in":9},{"version":459,"is_range":397,"range_type":460,"version_start":461,"version_start_type":399,"version_end":462,"version_end_type":414,"fixed_in":9}]